package com.vframework.system.security.controller;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.mvc.support.RedirectAttributesModelMap;

import com.vframework.base.controller.BaseController;
import com.vframework.common.constant.SessionConstant;
import com.vframework.system.menu.model.MenuBean;
import com.vframework.system.security.service.SecurityService;
/***************************************************************
 * Name:        SecurityAction.java     
 * Create At:   2010-04-22
 * Module:      用户登录
 * Description: [用户登录-包括登录、首页功能]
 * Author       shanzhitong
 * ------------------------------------------------------------
 * 修改历史
 * 序号   日期                修改人              修改原因
 * 1   
***************************************************************/
@Controller
@RequestMapping("SecurityController")
public class SecurityController extends BaseController {

    private static final String BASE_PATH = "com/vframework/system/security/pages/";
    
	private String rand = null;//验证码
	
	@Autowired
	private SecurityService securityService;
	@Autowired
	private HttpServletRequest request;
	/**
	* Author:zhoudongxue
	* Create At:   2012-11-14
	* Description: [登录-校验验证码是否正确]
	* @return String
	 * @throws Exception 
	*/
	@RequestMapping(value = "validateCode")
	@ResponseBody
	public String validateCode(@RequestParam(required=false) String validateCode) throws Exception{
		try{
			rand = (String)request.getSession().getAttribute(SessionConstant.SESSION_VALIDATE_CODE);
			String input = request.getParameter("validateCode");
			if (rand==null || !rand.equals(input)) {
				return "0";
			}else{
				return "1";
			}
		}catch(Exception e){
		    super.message(e.getMessage());
			return BASE_PATH + "login";
		}
	}
	/**
	 * Author:shanzhitong
     * Create At:2010-04-22
     * Description: [登录-处理用户登录请求]
     * @return String
     */
	@RequestMapping(value = "login")
	public String login(RedirectAttributesModelMap modelMap) throws Exception {
		try {
			Map<String, Object> paramMap = new HashMap<String, Object>();
			paramMap.put("param_userId", request.getParameter("param_userId"));
			paramMap.put("param_password", request.getParameter("param_password"));
			UsernamePasswordToken token = new UsernamePasswordToken(request.getParameter("param_userId"), request.getParameter("param_password"));
			SecurityUtils.getSubject().login(token);
			securityService.insertLog(super.MakeLogBean(super.LOG_LOGIN_KEY,"用户登录", super.paramMap.toString()));
		} catch (RuntimeException e) {
		    modelMap.addFlashAttribute("resultMsg", e.getMessage());
			return "redirect:/";
		}
		return BASE_PATH + "mainFrame";
	}
	
	@RequestMapping(value = "leftMenu")
    @ResponseBody
    public List<MenuBean> leftFrame(Model model) {
        try {
            String userId = (String) paramMap.get("cur_userId");
            List<MenuBean> menuTree = securityService.getMenuByUserId(userId);
            return menuTree;
        } catch (Exception e) {
            return null;
        }
    }
}